stackoom
  简体   繁体   中英

How can I get the remote IP / Client IP using NGINX in Docker ?? Also using Laravel

 原文  2022-11-13 19:06:20       php/ laravel/ nginx/ firewall/ fortigate

Question

I am running NGINX as part of a Docker package. It is both a webserver and a reverse proxy, and the container has PHP bundled in with it. The front-end web application is built with Laravel. There are some instances where I want to get the client's IP address, and this seems to a little problematic in some cases. This isn't for the proxy, but for the web application served with NGINX and PHP.

On my development system at home I am getting an IP for the docker.network when connecting with a browser from my local machine.

$_SERVER['SERVER_ADDR'] = 172.19.0.10
$_SERVER['REMOTE_ADDR'] = 172.19.0.1

On a Digital Ocean Dev server it has:

$_SERVER['SERVER_ADDR'] 172.27.0.16
$_SERVER['REMOTE_ADDR'] 213.225.x.xx, which is Austria, my IP

and on a Production server elsewhere I think it has:

$_SERVER['SERVER_ADDR'] ???
$_SERVER['REMOTE_ADDR'] = The WAN IP for the office where the server is installed.

This isn't the client IP, but the WAN address for the office itself.

The server at that office is behind I think a WatchGuard or Fortigate router / Firewall.

So, the Digital Ocean Dev server is actually "OK". I have access to what I need, but the office setup probably isn't setup to forward the client ip to the server that runs on their inte.net?

It isnt' critical currently, but it would be nice to be able to capture to public client IP in all cases.

I could do a little more investigation with log files, etc., but pretty sure I'll have to:

  1. Possibly configure something in my NGINX config

and/or

  1. Have someone configure the firewall to pass through the client IP because it seems like it isn't doing that currently, or I'm not capturing what it is sending.

1 answers

solution1
 2 ACCPTED  2022-11-13 19:27:04

The nginx proxy at the office can be configured to pass the client's IP address using the proxy_set_header directive.

The nginx reverse proxy docs here show an example:

location /some/path/ {
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_pass http://localhost:8000;
}

In the config block where the reverse proxy proxy_pass directive is set, adding proxy_set_header X-Real-IP $remote_addr; tells the proxy to inject a new HTTP header, X-Real-IP , with the IP address of the client. In the Laravel app, you can use this to get the actual client IP. In your application, make sure only to use this header when it can be trusted 1 .

This is necessary because the proxy is taking and re-sending the client's request via the proxy server from its own.network address. The only way the application can get the original client IP for the request being proxied is if that IP address is passed in the headers by the proxy.

1 https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For#security_and_privacy_concerns

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to get client ip from request using symfony in docker How to get the local IP of the client using php? With Nginx, how do I preserve the client's IP address when using proxy_pass? Docker Swarm get real IP (client host) in Nginx how can i get currency locale using ip address “ request()->ip();” How to get client IP address in Laravel 5+ How to automatically include client ip address from Request()->ip() in eloquent create method using Laravel 5.2? How can I get client's IP address? How can I get the IP address and port of a client with PHP? How can I get the MAC and the IP address of a connected client in PHP?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM